Sept 14-17, 2015

SEPT 14-17, 2015

CONFERENCES

STAY ON THE CUTTING EDGE OF TECHNOLOGY!

• 80+ in-depth sessions • 40+ Microsoft and industry experts MONTEREY CONFERENCE CENTER • Cool evening parties

MONTEREY, CA CO-LOCATED WITH

JUVAL LOWY ADAM BENZION TED NEWARD TROY HUNT Founder Hackster.io Architect Microsoft MVP - Security IDesign, Inc. TedNeward.com TroyHunt.com 203.264.8220 [email protected] TECHintersection.com IMMERSE YOURSELF IN THE HOTTEST AND MOST RELEVANT TOPICS INFLUENCING TECHNOLOGY SOLUTIONS TODAY!

n today’s ever changing and fast paced world, it can be challenging to stay on top of new technologies while at the same time mastering fundamentals. IoT Iis beginning to emerge in every business sector and if you are not doing it yet, you will be soon regardless of the business you Register Now and for a are in. Architecture and Security are like “Workshop Package” and muscles that need to be constantly tuned receive a choice of XBOX ONE, for optimal results. TECHintersection brings Surface 3 or Microsoft Band experts from across the industry together based on the package chosen. to educate, network and share their insights into the challenges that technologists face today

REASONS TO ATTEND

»» Take part in technical sessions designed around practices and insights that you can use today and tomorrow. »» Spend time with other like-minded developers and architects in daily networking op- portunities. »» Learn from experts on the forefront of technology. »» Learn Microsoft’s latest IoT strategy from the teams who created the technology. »» Dive deep into security tips and best practices to keep your company safe from hackers. »» Get up to speed on the latest techniques for architecting for the Cloud, including Big Data and DevOps. »» Take home an XBOX ONE, Surface 3 or Microsoft Band when you register for a “Workshop Package.” »» Participate in an all-day hands-on IoT ACCESS TO workshop, and get an Arduino develop- CO-LOCATED ment kit you can use to continue your learning at home. »» Meet with companies who build the tools and technologies you use in the A conference to get a unique Expo Hall. perspective from industry experts out in the trenches! The only conference that brings you leaders in architecture, IoT and security - all at one fabulous location.

FEATURED SPEAKERS

JUVAL LOWY ADAM BENZION TROY HUNT RICHARD CAMPBELL PAULA JANUSZKIEWICZ Founder Founder Microsoft MVP - Security Host of .NET Rocks and IT Security IDesign, Inc. Hackster.io troyhunt.com RunAs Radio CQURE

MICHELE BUSTAMANTE TED NEWARD DOUG SEVEN PAMELA DINGLE BROCK ALLEN Cloud / Security Architect Architect Director, Partner Catalyst Team Senior Technical Architect Web / Security Architect Solliance TedNeward.com Microsoft Ping Identity brockallen.com

REGISTER NOW for a “Workshop Package” and receive a choice of XBOX ONE, Surface 3 or Microsoft Band based on the package chosen. Get a Surface 3 when you register for one of the “Complete Package” options. See website for details! GROUP DISCOUNTS AVAILABLE Call at 203.264.8220 9-5 EST for more than three people from the same company registering at the same time.

SCHEDULE

MONDAY, SEPT 14, 2015 WEDNESDAY, SEPT 16, 2015 9:00am – 4:00pm Pre-Pre-Conference Workshops 8:00am – 9:00am Continental Breakfast TUESDAY, SEPT 15, 2015 9:00am – 10:00am Keynote 8:00am – 9:00am Continental Breakfast 10:30am – 12:45am Sessions 9:00am – 10:00am Opening Keynote 12:45pm – 2:00pm Lunch 10:30am – 12:45am Sessions 2:00pm – 4:30pm Sessions 12:45pm – 2:00pm Lunch 4:30pm – 5:00pm EXPO Raffle 2:00pm – 4:30pm Sessions THURSDAY, SEPT 17, 2015 4:30pm – 5:00pm Panel 8:30am – 9:00am Continental Breakfast 5:30pm – 6:00pm EXPO 8:30am – 10:45am Sessions 11:15pm –12:15pm Closing & Prizes FRIDAY, SEPT 18, 2015 9:00am – 4:00pm Post-Conference Workshops

YOUR CONFERENCE REGISTRATION INCLUDES: Three continental breakfasts, two lunches, breaks, reception, T-shirt, conference backpack, evening activities and access to all sessions in co-located events. Workshop attendees only get lunch on pre- and post-con days. SESSIONS

THE ARCHITECT JUVAL LOWY The software industry is in a deep crisis. Projects suffer from low quality; schedule slips and cost overrun are common. But this is hardly ordained since there are plenty of examples of projects done on schedule, on budget, on quality in a repeatable manner. The key for solving the crisis is to practice software development as an engineering discipline, just like it is done in mechanical or electrical engineering. That is exactly the responsibility of the modern software architect, which must address software systems from an engineering standpoint, applying age-old engineering practices to software development. Armed with that crucial observation Juval will share his perspective on what is the key set of skills required of the architect, the role architects have to plan in order for the project to succeed, what it implies both to companies and to individual architects, and how should architects navigate and manage their own career path and personal growth.

SOFTWARE PROJECT DESIGN A cutting edge event that will JUVAL LOWY Much as the need to design the impact how you think, system, you must also design the project: from scheduling re- innovate and design. sources behind the services, to tracking your progress across Juval Lowy developers, services and phases of completion, to validating your plan, and accommodating changes. This requires understanding the inner dependencies between services and activities, the critical path of integration, the available floats, the staff distribution and the risks involved. All of these challenges stem from your design and address- ing them properly is a hardcore engineering task – designing the project. In this intense session, Juval Lowy shares his approach software project design, along with his unique insight for delivering software on schedule and budget. You will also see to deal with common misconceptions and typical roles and responsibilities in the team.

ADVANCED TECHNIQUES IN PROJECT DESIGN JUVAL LOWY If project duration is of no consequence, you should design your project for the lowest cost. But if cost is immaterial, you should design it for the least duration. The best solution for every project lies between these two extremes, yet finding it is a highly engineered design task. This session will provide you with the tools and techniques required to achieve a balanced and even optimal solution, enabling you to determine best overall plan for your system while eliminating gambling, death marches, wishful thinking, and expensive trial and errors. The sessions assumed knowledge of basic critical path concepts such as network design, resource allocations and floats, and will expand on these essentials to include finding your project time/cost curve, network compression techniques, activity crashing, risk analysis, staffing distribution options and project design. You will also see a comprehensive case study and walk through its various permutations in determining the best plan that will keep the project on time all the time at the best risk and cost available.

EVALUATING UX WITH UNIVERSAL DESIGN PRINCIPLES BILLY HOLLIS Users usually help choose a final UX design, but your team must decide if early designs are worthy of further consideration. One of the best techniques to help you decide is reliance on universal design principles, based in the human brain and visual system. Going beyond “this just feels right”, this session covers the dozen or so most important design principles you need to know to help you decide what designs are likely to work or not work. You’ll also see options for getting additional exposure to the world of design principles.

4 | SEPTEMBER 14-17, 2015 | Monterey Conference Center, Monterey, CA Juval Lowy Ted Neward

ESSENTIALS AND OPTIONS FOR CREATING YOUR OWN UX DESIGN PROCESS BILLY HOLLIS Modern development teams typically have a mature process for code-centric development, but most lack a structured process for doing UX design. There is no one optimal process for all teams and applications, but this session will discuss the most important aspects of successful design processes, and present options for you to create your own process, including all the major phases you need to include. You see the importance of paper and pencil, learn how to observe users and analyze your observations, and why most applications need an experimental design to break with the past and create new, compelling modern UX.

HOW TO INTERVIEW A DEVELOPER BILLY HOLLIS Moving into a team leadership role usually means that you are expected to help add new team members by interviewing candidates for developer positions. There are right and wrong ways to go about it, and most people with a developer background start off with interviews that don’t do a particularly good job of evaluating a candidate in depth. This session will give you basic tips, a list of good questions to ask, and a list of common mistakes made by rookie interviewers. Come learn the basics of interviewing developers from someone who has been doing it for twenty years.

JOURNEY TO CLOUD CADENCE SAM GUCKENHEIMER Sam describes a ten-year transformation at Microsoft Developer Division from a box product delivery cycle of four years to a hybrid SaaS and on-prem business, with a single code base, triweekly delivery of new features in the service, and quarterly delivery for on-prem customers. He presents three waves of improvement and learning: first, the reduction of technical debt and other waste to gain trustworthy transparency, second, the increase in the flow of customer value, and third the shortening of cycle time to allow continuous feedback and continuous business improvement. The current scale of the business is that there are millions of customer accounts each on–premise and in the cloud. This hybrid situation will exist for many years, and is a necessary part of the business. Sam will give examples from monthly service reviews of key practices and metrics, such as hypothesis-driven development, funnel analysis, performance monitoring, MTTD and MTTR improvement, log analysis, root cause remediation, scale unit replication and canarying, common code base, testing cycles, georeplication, feature flags, compatibility and compliance testing. The organizational issues of transforming from a traditional box software delivery team to a modern SaaS team will be addressed as well.

STREAM PROCESSING: AN ARCHITECTURAL QUICK REFERENCE ZOINER TEJADA Got megabytes, tens of megabytes or even hundreds of megabytes of small data coming at you? Per second? If you answered yes, awesome, this session is for you. We will walk thru an Azure reference architecture that answers the questions of: How best should you ingest all that data? What can you do with the data now in near real-time now that you have it, and how you should go about keeping it for future analysis? Oh, and also how should we secure it? While you are on your way to building the next twitter or solving the world’s energy crisis with a massively successful IoT platform, understanding how and when to leverage Event Hubs, Blob Storage, Stream Analytics, HD Insight (and Storm), Azure Machine Learning and how to position those pipelines next to your operational SQL Server in a VM is a mission-critical decision. Choose poorly and your solution will cost too much, be a burden on your developers or will ultimately collapse underneath the volume of data. Choose wisely, and you are well on your way to stream processing nirvana. Choose wisely and attend this session.

GUIDE TO ARCHITECTING FOR THE CLOUD TED NEWARD With the dawn of the new decade, “cloud” swept into developers’ (and their managers’!) mindsets with a vengeance. Suddenly, everything was “in the cloud,” development was racing “to the cloud,” and if you weren’t “cloud-friendly,” you were facing an uphill battle. And yet, with all this “cloud,” nobody really sat down to think about how we architect systems for the cloud, or how it is (or isn’t) different from building traditional “on-premise” (that is to say, not “in the cloud”) applications. In this session, we’ll do exactly that, taking a hard look at how cloud-based applications are similar to, yet very different from, traditionally-hosted applications.

MODERN WEB ARCHITECTURE TED NEWARD In 2000, Roy Fielding (he of REST dissertation fame) published a paper entitled ‘Principled Design of Modern Web Architecture’, in which he and his co-author described REST, how it achieved the goals of the Web, and cited examples. In this session, we’re going to do something of the same: talk not just about REST, but about the path that building an Internet-facing system should take, the reasons behind those choices, and the architectural implications that result from them. In other words, if you’re building a Web application in 2014, build it this way--or be ready to call it ‘legacy’ before it even hits the production servers.

PREPARING FOR AZURE SERVICE FABRIC MICHAEL MONTGOMERY For the modern software developer, Azure Service Fabric represents nothing less than the next evolu- tionary breakthrough in software programming on the Microsoft stack. Just as .NET represented a new integrated runtime for simplifying the construction of component-oriented applications, Azure Service Fabric represents a new runtime and platform for simplifying the construction and administration of service-oriented systems. Central to Azure Service Fabric’s development experience is its deployment- aware microservice-oriented programming model. This model represents a significant departure from the way .NET developers structure their code and their applications today. In this technically immersive session, Michael ‘Monty’ Montgomery will reveal a novel set of straightforward techniques you can use right now to prepare your existing .NET codebases for a smooth transition to the Azure Service Fabric. Monty will begin the session with the essential of the Azure Service TECHintersection Delivers! Fabric’s microservice-oriented programming model. Monty will then * Exceptional Content take an existing .NET WebAPI and systematically reshape its code to * Expert Speakers better transition to Azure Service Fabric to the point the code just * Engaging Q&A recompiled verbatim to target the Azure Service Fabric. * Perfect Location! ACTORS, MICROSERVICES Richard Campbell AND EVERYTHING BARRY BRIGGS In today’s world, we are building bigger and bigger things from smaller and smaller pieces. In this talk, I’ll go over two of the most exciting modern cloud technologies, actor model programming, and microservices. I’ll talk about the architectural differences between the two, when to pick one over the other, and most importantly I’ll show how you can build applications you never thought possible before using these two approaches. And - of course - there’ll be demos!

6 | SEPTEMBER 14-17, 2015 | Monterey Conference Center, Monterey, CA Billy Hollis

THE POWER OF ACTORS BARRY BRIGGS In this session, I’ll go deep into the world of actor frameworks. Originally created in the 70’s, the actor model enjoyed rather limited success until the emergence of the cloud, when the availability of huge numbers of servers for applications mandated a simple, highly concurrent, parallelized and easy to develop programming model: actors! Enabling everything from massive multiplayer games to IoT to distributed spreadsheets, actors, as implemented in Microsoft’s Project Orleans and Service Fabric, are cool!

WEAVING THE FABRIC: DESIGNING FOR AZURE SERVICE FABRIC MICHAEL MONTGOMERY With the advent of Azure Service Fabric, Microsoft makes public the long anticipated service-oriented platform upon which it has built significant pieces of Microsoft Azure. Provided as an integrated platform, Azure Service Fabric presents a more prescribed approach to the construction and deployment of service-oriented systems. This constrained, best practice-informed model helps to reduce the common connectivity and administration headaches that often plague service-oriented systems in the wild. In this design intensive session, Michael ‘Monty’ Montgomery will reveal the key decisions you will need to make when targeting the Azure Service Fabric. To set the stage, Monty will first provide you a brief introduction to the essential aspects of Azure Service Fabric’s microservice-oriented programming model. Monty will then explore in detail each design option you face when targeting your systems for Azure Service Fabric. Along the way, Monty will show you how to avoid the many pitfalls common to microservice-oriented systems by sharing the tips and tricks he has gathered from years of designing, building and deploying such systems.

FALLACIES OF ENTERPRISE SYSTEMS TED NEWARD Every enterprise developer, at some point in their career, has fallen into the trap of 10 devilishly subtle enterprise software development assumptions. Come hear what they are, why they all lead to big trouble and painful learning experiences in the long run, and how to avoid them using the tools and technologies of your favorite platform.

DO YOU SEE ME? LEVERAGING BLE BEACONS DOUG SEVEN Beacons are emerging as a piece of technology that can connect the physical world with the digital world and enable new and engaging user experiences. In this session, you will learn how beacons work and how to create user experiences that bring your app to life through real-world context. You will learn about the iBeacon standard and learn about options for building your own beacon enabled experiences.

ALLJOYN, CORDOVA, AND THE INTERNET OF THINGS IVAN R. JUDSON, PHD In this talk, we’ll present AllJoyn an application level protocol for the internet of things supported by Microsoft and other members of the AllSeen Alliance. Ivan will present the Cordova plugin that enables cordova applications to talk to AllJoyn enabled devices and show applications for the lifx lightbulb, LG television, and a mobile chat application. He will tour the code and explain how to build these applications using Cordova.

WINDOWS FOR MAKERS: RASPBERRY PI 2, ARDUINO AND MORE TONY GOODHEW In Windows 10 we have enabled the creation of the next generation of intelligent devices. In this session you’ll learn about how to leverage the value of Windows when building these next-generation devices based on hardware like the Raspberry Pi 2, as well as how to extend your Windows devices with the capabilities provided by .NETMF and Arduino. We will demonstrate how we have extended the platform to include support for popular Internet of Things (IoT) hardware interfaces (like GPIO and I2C) to enable you to build rich devices based on the Raspberry Pi 2 (from fun DIY arcade machines through life-saving flood-detection systems) Additionally we will teach you how to use our remote wiring and virtual shields open-source libraries to create innovative new solutions. With remote wiring you can add Arduino Wiring calls into your apps that execute on a remotely (BT) connected Arduino device; similarly with our virtual shields library you will learn how to expose your device’s capabilities to a remotely connected Arduino device. Finally, we’ll be showing you the latest improvements we’ve made to the .NETMF and how these are being leveraged by our partners to create compelling new hardware.

ARCHITECTURAL CONSIDERATIONS FOR THE INTERNET OF THINGS TOBY CONSIDINE The Internet of Things has been around since the release of the X10 protocol in 1975. X10-based systems were traditionally adopted by technology-minded hobbyists because they often required significant weekend time to configure and operate. Well, the X10 protocol has matured and is now but a small part of today’s internet of things (IoT). Today’s IoT offers robust suites of protocols and capabilities, and today’s IoT architect needs to consider systems and capabilities beyond those of messaging and processing power. Architectural layering is a newcomer to the IoT. Once proprietary protocols have matured into 6LowPAN offerings that support ‘normal’ messaging expectations. Today’s OBIX, used for interactions build-based control systems, now includes JSON and other data structures as well as the original XML. Windows 10 now includes support for DotNet programming of AllJoyn. The Con- sumer Electronics Association is now embracing OBIX over Web Socket as part of its standard Smart TV App Platform. But architectural decisions in the IoT extend beyond choosing protocols such as COAP or MQTT. As hundreds of sensors expand into tens or even hundreds of thousands of potentially disconnected sensors, power and lifecycle management of devices and sensors comes to the fore. Do you select a light-weight model that includes energy harvesting, such as used in Enocean, or do you dispose of sensors when the battery wears out? How do we manage these ad-hoc networks of unwired devices? As we climb to the enterprise, we need semantic frameworks to manage these points. The IoT Architect must consider the semantic frameworks to use for each application, and at which point of the architecture to apply these frameworks. How can we make systems interact when each is too small to ‘know’ about the other? Are there ontologies that can be created for policy-based management of these sensors and systems? This presentation will present the issues and technologies to consider as you build your own IoT killer application and consider what enterprise interaction with the IoT means.

8 | SEPTEMBER 14-17, 2015 | Monterey Conference Center, Monterey, CA Zack Supalla

DEVELOPING FOR THE IOT TOBY CONSIDINE Whether you are developing situational awareness by harvesting sensors or replacing a SCADA system with enhanced procedural automation or creating human-centric processes, the Internet of Things gives you new concerns as a programmer. The direct-wired world is well-documented, filled with known sensors at known points, and specific actuators with known effects. With the Internet of Things, one is concerned with discovered sensors at intuited locations and systems that may be occasionally connected. This talk will run through the new technology models how some specific scenarios affect the developer. With hundreds or potentially tens of thousands of points in a moderate application, power management drives sensor developer decisions. Cata- loging wireless sensors becomes difficult, let alone changing batteries once a year. Sensornet architectures, including ones based on the new standard COAP, put a premium on inferring location and situation. Intermittent connectivity, perhaps based on energy-harvesting technologies from the Enocean alliance may become the norm. Diversity becomes a greater concern. As your application grows or stays in the field longer, new genera- tions of sensors and systems will become part of your existing application. Formal taxonomies can help find order in the chaos, but, as they say, the wonderful thing about standards is there are so many of them. Devel- opers need to sort through connectivity-oriented folksonomies such as Haystack, BIM-oriented standards such as COBie/OMNICLASS, and even mandated standards such as medical classification panels. In the traditional IT world, there is an assumption that everything is essentially instant. In the internet of things, operational param- eters may predominate. Systems may have maximum run times, minimum inter-use down times, or minimum economic cycles. Remote system operation may include significant ramp-up and ramp-down times, and the system-wide effects of those ramp periods may be significant. This session will point to abstract information standards to catalogue system operating characteristics. Complex system theory describes the knowledge problem, the necessary assumption that you cannot know everything about all systems you are interacting with. This session will touch briefly on transactive interoperation, i.e., techniques to coordinate diverse systems whose capabilities may be unknown and whose mechanisms may be little understood.

CONNECTED CAR By 2020 there will be 2 to 3X as many JAMES SPRING connected IoT devices as smart In this session, you will learn from Jim’s recent experiences in phones, tablets and laptops combined. instrumenting a fleet Doug Seven of vehicles where data acquisition re- lied on both real-time streaming as well as broader data acquisition. You will learn about existing applications and then discover the design patterns or building blocks for creating your own applications. Handling different volumes of data, OTA protocols, and the dynamic environment in cellular and Wi-Fi networks will be discussed. Examples will target one or more modern embedded platforms so that anyone can make use of them.

USING THE MICROSOFT BAND SDK AND MICROSOFT HEALTH CLOUD API TONY ANDREWS, ALI ALVI The Microsoft Band is a fitness and productivity oriented wearable device that works great with all major smartphone platforms. With the Microsoft Band SDK, app developers can easily incorporate the Band into their application experience. In this session we’ll explore how to use the Microsoft Band SDK to develop mobile applications that increase user engagement by harnessing the sensors on the Microsoft Band or leveraging the Band as a secondary display and input device. We’ll also show how to use the Microsoft Health Cloud API to get detailed and summary information about user activity.

ALLJOYN: PYTHON AND NODE IVAN R. JUDSON, PHD In this talk, we’ll present bindings for the AllJoyn thin client into NodeJS and Python. We’ll demonstrate how to prototype AllJoyn services for new IoT devices in C, Python, and Node. We’ll also show how these scripts can interact with the AllJoyn APIs coming in Windows 10.

MICROSOFT IOT OVERVIEW JAMES OSBORNE In this session, we will provide an overview of the Microsoft IoT portfolio. Attendees will see how easily they can create solutions using Windows IoT ‘Athens’ on mobile and industry devices. We will show Windows services that allow you to codelessly gather data from these devices to assess health, to manage state and to keep these them up to date. This session will also cover the Azure IoT Suite, a comprehensive cloud-based offering for IoT that enables customers to quickly provision end to end IoT solutions supporting a wide range of devices and operating systems and take advantage of cutting edge Azure capabilities like stream processing and machine learning to power their businesses. The Azure IoT Suite will work great with Windows IoT, and also Linux, Android, iOS and even real-time operating systems. You will leave this session with an understanding of the full spectrum of Microsoft IoT offerings to rapidly assemble solutions to create your digital business.

AZURE IOT HUB & DEVICE SUPPORT JAMES OSBORNE This code-heavy session takes a deep dive into the Azure IoT device & gateway SDK, with demos showing off our support for devices running on non-Windows platforms. We’re run through a scenario sending telemetry from a device to ML-powered analytics in Azure.

BUILDING AN INTERNET BUTTON WITH PARTICLE ZACH SUPALLA Ever wanted a button in your home or office that would call an Uber for you? Or text your wife to let her know that you’re coming home late for work? Or order you a pizza? Sit down with the team from Particle to build your own “Internet Button” that can be hooked up to any API to take action when the button is pressed.

PARTICLE.IO - FROM MAKER TO MANUFACTURER ZACH SUPALLA While the world is being filled with great prototyping tools like Arduino, Raspberry Pi, and Particle’s Photon and Core, the road from a prototype to a product manufactured at scale is perilous, and while there are plenty of resources to help, they can be harder to find. Join Zach Supalla from Particle as he talks through the process his company went through to turn the Core from a prototype to a mass manufactured product and explains how others can follow the same steps.

BRINGING WEB CONTENT TO THE MICROSOFT BAND TONY ANDREWS, ALI ALVI Web tiles are a new feature of the Microsoft Band that allow developers and hobbyists to display content from the web on the Band in a simple, portable way. In this session, we’ll demonstrate how to quickly create a web tile using the web-based authoring tool. We’ll review the kinds of web content that can be rendered and demonstrate how to create a web tile manually for more customized scenarios. We’ll also explore how web developers can increase user engagement by offering customized web tiles that deliver personalized content to users from their sites.

SWIMMING UPSTREAM: HANDLING THE DATA FROM THE IOT IVAN R. JUDSON, PHD In this talk, we’ll present two technologies that can process the high scale data that can be produced in IoT scenarios. Ivan will present Apache Storm running in Azure and Microsoft Azure Stream Analytics, both technologies designed to help process real-time, high-scale data – but with different architectures and assumptions. He will present a simple application for each technology, extracted from real implementations from partners, that show how each technology is used.

10 | SEPTEMBER 14-17, 2015 | Monterey Conference Center, Monterey, CA Troy Hunt

SESSIONS

DESIGN PRACTICES FOR A SECURE AZURE SOLUTION MICHELE LEROUX BUSTAMANTE When companies endeavor to move their applications and services to the cloud, they tend to worry more about security up front. Interestingly, platforms such as Azure provide an even more secure environment than most self-managed co-location facilities can hope to offer, not to mention the plethora of features on the platform that help you secure your solutions end to end. In this session, Michele will review the mini-avalanche that comprises Azure security across all features. Taking the architect’s view of the platform, she’ll cover best practices for securing Azure solutions end to end and discuss the tangential benefits of moving to Azure and how it can help you with checking the boxes on those pesky security surveys.

BUILDING SECURE JAVASCRIPT AND WEB API APPLICATIONS WITH OAUTH2 BROCK ALLEN Modern browser-based applications are being built using more and more client-side JavaScript. Yet these applications still need to securely access resources on the server. Guess what? Cookie-based authentication isn’t going to work, as there are security vulnerabilities with this traditional approach. So what’s the solution? Token-based authentication with OAuth2. Come to this session to learn about the issues, and how to get and use tokens to secure your Web API backend.

THE CODE BEHIND THE VULNERABILITY BARRY DORRANS OWASP illustrates that developers keep making the same mistakes over and over again, but what about more esoteric vulnerabilities? In this session, Barry will take you beyond SQL injection covering some of the code behind now fixed ASP.NET vulnerabilities. By the end of the session, you should be poring through your own code looking for problems with dictionaries, compression, encryption and more.

10 TIPS TO A BELIEVABLE SECURITY STORY MICHELE LEROUX BUSTAMANTE Should your customers REALLY trust you? Are you doing everything you can to ensure their data is safe and secure? That your application will not be breached? The reality for most companies is that this is a work in progress, but there are things you can do to quickly pull together a sound security story, and implementation. This session will lead you through 10 tips that will help tell a better security story to your customers and actually win their trust. Topics include compliance, security controls, password policies, identity and access management, security architecture, procedures SLAs and disaster recovery.

MEMORY REMAINS: USEFUL TECHNIQUES FOR RETRIEVING AND ANALYZING MEMORY CONTENT PAULA JANUSZKIEWICZ During this session, Paula will explain and show the techniques for memory acquisition, techniques for grab- bing the juicy data, and why it is so amazing to find someone’s memory dump! Acquiring and analyzing physical memory as done by forensics professionals is a crucial skill to understand how an operating system works or worked during the incident. For hobbyists, working with memory can be useful to perform troubleshooting and understand how certain solutions work. The valuable content contains evidence of user actions, hacker’s tasks, malicious code behaviors, and the story of what happened on a system. This session is really intense but practical at the same time, as always it is packed with a lot of live demos and stories, so make sure you leave the party earlier in order to not to miss a thing!

CRYPTO 101 BARRY DORRANS Cryptography is hard, we see that every time another database of passwords leaks. In this session Barry will take you through history from the Caesar cipher, through frequency analysis in AD800, one time pads, the enigma machine to reach where we are today and what choices you need to make to help protect your secrets.

IDENTITY AND ACCESS CONTROL FOR MODERN WEB AND MOBILE APPLICATIONS BROCK ALLEN Modern applications developed with Microsoft technologies include one or more of MVC, Web API, SignalR, JavaScript, and/or some sort of mobile platform development framework. These applications deserve modern security to suit their requirements. To satisfy these requirements, a developer must learn a new set of technologies such as OAuth2, OpenID Connect, and JSON Web Tokens. This one- day workshop is your chance to dive into all things security related to these new technologies. Learn how to securely connect native and browser-based applications to your back-ends and achieve modern authentication and authorization.

HACK YOURSELF FIRST: HOW TO GO ON THE CYBER-OFFENCE BEFORE ONLINE ATTACKERS DO TROY HUNT The prevalence of online attacks against websites has accelerated quickly recently and the same risks continue to be exploited. However, these are often easily identified directly within the browser; it’s just a matter of understanding the vulnerable patterns to look for. ‘Hack Yourself First’ is all about developers building up cyber-offence skills and proactively seeking out security vulnerabilities in their own websites before an attacker does. It recognizes that we have huge volumes of existing websites that haven’t gone through sufficient security review plus we continue to create new content that even when built with security in mind, still needs testing from the perspective of a cyber criminal. In this session, we’ll look at website security from the attacker’s perspective and exploit common risks in a vulnerable web application. We’ll also explore ways to easily grab credit cards, gain immediate FTP access to thousands of websites, crack password cryptography you think is secure and hijack wifi.

THE CHANGING FACE OF AUTHENTICATION UX PAMELA DINGLE All of the big “trends” in computing today have placed pressure on what has until now been a global standard: the login page. Notions of trusted devices, context shared across domains, and new (or absent) input mechanisms are colliding with renewed fear of credential theft to force everyone to re-imagine what an authentication ceremony should look like. Pamela Dingle will review the user experience and the standards underlying the experience, including OpenID Connect, FIDO, and Account Chooser.

STANDARDIZED PROVISIONING VIA SCIM PAMELA DINGLE Account Management at end resources is a risk point and a resource hog in most Enterprises. What can be done to tool your organization in such a way that you avoid vendor lock-in and future proof your efforts? Adoption of the Simple Cloud Identity Management (SCIM) provisioning API is a straightforward way to standardize internal efforts and to reach out into the cloud. The more SCIM is adopted, the fewer proprietary provisioning APIs you have to build or buy, a win for everyone. Pamela Dingle will explain the standardized specification and show examples of how it can speed up your provisioning expansion.

THE OWASP TOP 10 – WEB SECURITY MISTAKES WE SEE OVER AND OVER AGAIN BARRY DORRANS Every few years The Open Web Application Security Project (OWASP) compiles a list of the most common and critical web application vulnerabilities. The list doesn’t change much, the same mistakes occur year and year. Come learn what they are, how they can be exploited and how you can protect your applications against them. And once you’ve done that why not go deeper with the Code behind the Vulnerability or Crypto 101.

12 | SEPTEMBER 14-17, 2015 | Monterey Conference Center, Monterey, CA Pamela Dingle Brock Allen

MODERN AUTHENTICATION FOR ASP.NET MVC 6 APPLICATIONS BROCK ALLEN ASP.NET 5 and MVC 6 are now here and this means we now have a fundamentally new architecture for au- thenticating users in our applications. This session explores what that means for your application design. We will first look at the simple authentication scenarios such as using a traditional password for authentication and then using external social media identity providers for single sign-on. We’ll then discuss why these simple approaches are not typically sufficient and why introducing your own single sign-on provider is important to your application architecture.

CSI: WINDOWS – TECHNIQUES FOR FINDING THE CAUSE OF THE UNEXPECTED SYSTEM TAKEOVERS PAULA JANUSZKIEWICZ Ok, so this is what has happened: An attacker got into your infrastructure, used server’s misconfiguration, created themselves an account and… Exactly! And what? Or maybe let’s stay on the ground: you would like to know where to gather information about activities in an operating system. In both cases, this session is for you! This is the moment that we wonder what else could happen except for what we see and if it is possible to trace back hacker’s activities in our systems. Yes, it is! By performing several analyses, we are able to get enough evidence of performed malicious actions. This type of monitoring can be also useful when performing the regular investigation of what happened in the system, not only from the attacker’s perspective. Come and see what it mean to be hacked and that nothing can be completely hidden! During this session, you will become familiar on how to trace system related situations and how to establish informative monitoring that can alarm you if When things go wrong, you have something goes wrong in your environment. all the time in the world for HOW TO MAKE THREAT security. Better to invest in an MODELING WORK FOR YOU action plan now and start chip- ROBERT HURLBUT Threat modeling is a way of think- ping away at it. ing about what could go wrong and how to prevent it. Instinctively, Michele Leroux Bustamante we all think this way in regards to our own personal security and safety. When it comes to building software, some software shops either skip the important step of threat modeling in secure software design or, they have tried threat modeling before but haven’t quite figured out how to connect the threat models to real-world software development and its priorities. In this session, you will learn practical strategies in using threat modeling in secure software design and how to apply risk management in dealing with the threats.

STRONG AUTHENTICATION IN THE ENTERPRISE: HOW TO GET IT DONE LAURA HUNTER Does anybody remember seeing a big red button with the word ‘PANICK!’ written on it? I know it was around here somewhere. Also, there’re all these cats running pell-mell around the place, can someone give me a hand in herding them? In this real-world case study, come and learn how a Fortune 100 with a diverse and extremely mobile workforce was able to turn up strong authentication protections for our source code and other critical cloud resources, and how everyone lived to tell the tale. You’ll hear about the technical implementation of strong authentication enforcement, and how we made key design decisions in the ongoing balancing act between security and user experience, and how we managed up-and-down the chain from executive stake- holders to the boots-on-the-ground who were being asked to join us on this new security adventure.

IMPLEMENTING A SECURE SOFTWARE DEVELOPMENT LIFECYCLE WITHIN YOUR ORGANIZATION ROBERT HURLBUT If you are still building applications with your fingers crossed, a ‘we hope we’ve got it’ attitude about security that depends on reactive testing alone, there is a better approach. Inserting security throughout the Software Development Lifecycle (SDLC) will not only release and maintain secure applications but decrease development costs and timelines at the same time. A Secure SDLC (a.k.a. Application Security Program, Secure Development Lifecycle (SDL), etc.) comes in many forms, but there are some fundamental elements necessary for any Secure SDLC program to be successful. In this session, you will learn those common elements and how they can help eliminate the trial and error processes common when organizations attempt to build applications or follow an SDLC without building in security.

SECURING ASP.NET IN AN AZURE ENVIRONMENT TROY HUNT The cloud offers enormous promise in terms of just how quickly we can achieve amazing things and for mere fractions of what it cost us in the “traditional” world. But can you trust the cloud? Is it ‘secure’? It can be, in fact, the overall security posture can be greater than many of the traditional hosting models. In this session, we’ll look at what it takes to secure ASP.NET applications running in an Azure environment. Mi- crosoft has provided us with a raft of features that make both building and securing applications easier than ever before. These aren’t always “secure by default” though and it often requires some configura- tion effort to maximize the security constructs at your disposal. This is a session full of lots of live demos based on many years of building web apps for Azure and using Microsoft’s latest and greatest security features baked into the platform. It’s a very Hackers only need to get it right once. practical session based on real We need to get it right every time. world experiences. Troy Hunt

MAKING SENSE OF IDENTITY PROTOCOLS TODAY ALEXANDRA ROSENBAUM Have you ever wondered which identity protocol you should use and how the various protocols work? Today you hear a lot about OAuth 2 and OpenID Connect - and indeed they are the go to protocols for implementing modern identity solutions. However, there is a lot of history here, and you are still bound to run into SAML 2, WS-Federation and WS-Trust as you integrate legacy or third party applications that have not evolved their implementations. As you design your own identity solutions, it is important to understand the role of these protocols, which to choose for each scenario, and how to build a holis- tic picture across your applications and any applications you integrate with. Come to this session for an overview of these protocols, when they are most commonly used, and how to choose between them and build your identity solution across applications and identity platforms.

IDENTITY SOLUTIONS TODAY WITH AZURE ACTIVE DIRECTORY ALEXANDRA ROSENBAUM Azure Active Directory (AAD) is one of the largest identity and access management services today. AAD provides identity management for Office 365 and for the Azure platform itself, but it can also work in synergy with your on-premise Active Directory (AD) or serve as the identity provider for green field applications. This session will show you what you can do with AAD today with an eye on tomorrow as the service continues to add rich features. You’ll learn about corporate user scenarios that enable AD user management, password sync and access patterns for those users to cloud and on-premise applications; and scenarios that don’t involve AD whereby applications rely on AAD as the user directory for their integrated application workflows. Come to this session for some practical insight and demos covering the most practical scenarios customers use AAD for today. Check the conference website for the latest information, TECHintersection.com Sessions and speakers are subject to change.

14 | SEPTEMBER 14-17, 2015 | Monterey Conference Center, Monterey, CA Kris Lankford

SESSIONS DIVING INTO THE MICROSOFT BAND SENSORS BARY NUSZ This session will give you an in-depth overview of the multitude of Microsoft Band sensors. We’ll look at each sensor, it’s capabilities and limitations. We’ll also cover how each can be integrated into your applications.

REAL WORLD DESIGN PATTERNS STEVE SMITH Design patterns provide templates for solving the same family of problems in similar ways. They also provide developers with higher level language terms to use to describe approaches to application design or architecture. See several design patterns described and applied to real world problems, and the benefits they provide when applied properly in this fashion.

SITEFINITY FEATHER, THE ADVANCED TOPICS: VENKATA KOPPAKA This session touches on how to use Feather effectively and dives deep into its advanced concepts.

ADVANCED TOPICS IN XAMARIN.FORMS JESSE LIBERTY Targeted at the beginner to intermediate Xamarin.Forms programmer, this course will explore some of the more advanced topics, such as tabbed pages, styles, implicit styles, dynamic styles, messages, and triggers. We will also explore design patterns for Xamarin.Forms, with a focus on MVVM and the Onion pattern.

ARCHITECTING UNIVERSAL AND CROSS PLATFORM APPS WITH XAMARIN VENKATA KOPPAKA Using the Movies app as an example, this session shows how you can build iOS, Android, and Windows Uni- versal apps using Xamarin and WP tools, sharing almost all of your code.

WRITING TESTCOMPLETE KEYWORD OPERATIONS USING SCRIPT EXTENSIONS NOEL RICE Would you like to wrap your script into bite-size operations that testers can just drop into a keyword test? In this session you’ll learn how to: • Build and manage a form that collects user input when the keyword is dropped into the editor • Use the ObjectPicker to allow the tester to select on-screen forms • Script your keyword operation to respond to being created, modified and run in a test • Define the Description.xml file that manages your keyword operation We will build a simple script extension that runs window methods that minimize, maximize, restore, activate and set focus on the form. The example project is a good starting point for creating your own keyword operations.

CONFIGURING TESTCOMPLETE DISTRIBUTED TESTS NOEL RICE Distributing test over multiple physical or virtual machines is a powerful “force-multiplier”, but sometimes tricky to set up the first time. Watch over my shoulder as I configure several virtual machines to run tests at the same time. In this session you’ll learn how to: • Configure the slave host machine • Configure the master machine • Diagnose common distributed tests issues • How to synchronize host machines.

INTRO TO TYPESCRIPT FOR .NET PROGRAMMERS NOEL RICE Do you want to develop client-side applications using JavaScript, but are concerned about scalability, reliability or simply have issues with the development experience? TypeScript is a superset of JavaScript that allows .NET developers to use familiar concepts like namespaces, classes, strong types, etc., but compiles to pure JavaScript. In this session you’ll learn: • How to define classes and instantiate objects. • How to inherit classes to add or modify functionality without corrupting the underlying JavaS- cript prototyping mechanism. • What the TypeScript-generated JavaScript output looks like and how the two syntaxes relate. • How TypeScript implements language features such as property accessors, interfaces, modules (think namespaces), and generics.

GETTING STARTED WITH MICROSOFT BAND DEVELOPMENT BARY NUSZ JOSH MORALES If you’re looking to get into app development for the Microsoft Band, this is the session for you. In this session, Josh Morales will start by showing you how to build a simple app that interacts with Windows Phone to track water consumed throughout the day. Next, Bary Nusz introduces the multitude of Band sensors and shows how to integrate them into your apps. This session serves as a nice prelude to Bary’s advanced talk on Microsoft Band sensors.

DOMAIN EVENTS AND SIGNALR STEVE SMITH Domain Events, a Domain-Driven Design (DDD) pattern, provide a way to decouple your code. Rather than hard-coding a series of steps that must be completed in response to a particular action a user takes, that action can raise an event. Handlers for that event can be added without changing the code responsible for raising the event, resulting in a more extensible design. Coupled with SignalR in the UI layer, domain events can be trigger updates to the application without the user having to make requests.

INTRODUCING DOMAIN-DRIVEN DESIGN STEVE SMITH Domain-Driven Design (DDD) is an approach to software development that puts the model at the center of the application. It is most appropriate for software that models complex business rules or systems and tends to be overkill for systems that must simply add, remove, and update data from a data store. In this session, we will cover the basic terms, principles, and patterns of DDD, providing enough depth to let you decide which parts of DDD might merit further investigation.

CREATE GEOSPATIAL APPLICATIONS WITH SQL SERVER, .NET, AND THE ENTITY FRAMEWORK JASON FOLLAS What are your nearest stores to somebody’s current location? Which policyholders are within 10 miles of a given storm’s track? What percentage of the raw materials in your product was harvested within 500 miles of a construction site? How many photovoltaic arrays can be fit on a given property to maximize the amount of electricity produced? These are all interesting questions that can be answered by querying and manipulating geospatial data. If you need to add geospatial capabilities to a .NET application, then there is a compelling story to utilize SQL Server and the geospatial capabilities of Entity Framework. In this session, you will learn some foundational spatial concepts, and then see how to apply them in code.

16 | SEPTEMBER 14-17, 2015 | Monterey Conference Center, Monterey, CA Lino Tadros Steve Smith

GOING NATIVE WITH KENDOUI MOBILE KEITH BURNELL The number of people using their smartphones or tablets to access the web has grown to the point where having a presence on mobile devices has become a must for anyone with a website. But to be truly successful your mobile presence has to differentiate itself from the mobile web entirely and straddle that line between web and native application. In the past, this meant having specific styles and often views for each specific mobile platform you wanted to target, but this is no longer necessary thanks to Kendo UI Mobile. In this talk, Keith will demonstrate how using HTML5 and Kendo UI Mobile will allow you to write one application with a single set of styles and views that looks truly native on iOS, Android, and Blackberry. Keith will walk through creating a mobile application from start to finish including how to use PhoneGap to package and deploy your website to the major mobile application stores.

I JUST WANT TO BETA TEST MY APP PLEASE! RACHEL HAGERMAN Working within the confines of an app store can make a simple request, like ‘When can I see this in Beta?’ be anything but a simple process. We will look step-by-step at the ways you can get an early version of your app out to Beta testers, and the pros and cons of using options such as TestFlight, HockeyApp, TestFairy, and others.

INTEGRATING DEVICE SENSORS WITH THE UNITY FRAMEWORK BARY NUSZ Get an in-depth overview of the Microsoft Band sensors that can be accessed with the Unity framework. Capa- bilities and limitations will be investigated and demonstrated with sample applications.

AN INTRODUCTION TO XAMARIN.FORMS JESSE LIBERTY This presentation assumes no prior programming experience and provides an overview of Xamarin.Forms, illustrating with a number of demos, how you can quickly put together a cross-platform solution using declara- tive XAML and C#. Because of the data-binding in Xamarin.Forms, it is easy to implement the MVVM pattern, which will be explained and demonstrated. Participants will walk away with a solid understanding of what Xamarin.Forms offers and how to get started.

SITEFINITY FOR DESIGNERS AND DEVELOPERS LINO TADROS TBD.

VNEXT – NOT YOUR GRANDMA’S ASP.NET KEITH BURNELL A lot of change is coming in the next version of ASP.NET and you need be ready for it. In this session, Keith will show you what’s coming and prepare you to hit the ground coding on release day.

ADVANCED SITEFINITY ROUTING AND YOU JOSH MORALES This session demonstrates how you can leverage the internal routing classes to handle custom requests in your pages, and give a tailored experience to your users (such as changing the theme based on the time of day, blocking certain pages from certain IP ranges, etc). Similar to personalization, but this is done programmati- cally so you can share it with other sites easily by putting it in a shared class library.

20 QUESTIONS TO GET STARTED DEVELOPING YOUR IOS APP RACHEL HAGERMAN Get answers to commonly asked questions about starting out in iOS app development, and learn how to avoid some common mistakes. If you are wondering: “Do I need a Mac?” “ How do I get started in the App Store?”, or “What are my language choices?” this is the session for you.

BE YOUR BEST REMOTE DEVELOPER RACHEL HAGERMAN Developers working by telecommuting can tell you, it’s not all no-commute no-distractions nirvana when your job is remote. There are good developers and then there are good remote developers, but what is the difference? We will discuss how do to prepare yourself, sell yourself as a good remote employee in that interview, and then make yourself more productive outside of the office than in it.

ANIMATE ALL THE THINGS! JASON FOLLAS Questions answered, Perhaps you’re working on an HTML5 game, or maybe you just want to add strategies defined. a bit of flare to an otherwise boring web page. Animations (even subtle ones) are an essential part of the user experience in today’s web landscape. But, if you’ve never worked with Tweens and Easings before, then jumping into animations may be a bit intimidating. This session will demonstrate how easy it is to create animations on your web page, from the out-of-the-box CSS3 Transitions and Animations, to the powerful (and fast and fluid) GreenSock Animation Platform for more complex and choreographed scenarios. You will leave with a sense for what is possible with animation in HTML5, and which implementation is best for various animation scenarios.

HANDS-FREE APPS: CORTANA INTEGRATION AND SPEECH FOR YOUR WINDOWS UNIVERSAL APPS JASON FOLLAS Cortana is the digital assistant that was first introduced in Windows Phone 8.1, and has since been incorporated into Windows 10 and the Microsoft Band. Using voice (or text) commands, users interact with Cortana to retrieve information, perform an action such as setting an alarm, or even launch an app on the phone that provides what they are looking for. Aside from Cortana itself, the Windows platform provides powerful and easy to use speech recognition and speech generation capabilities that developers can access. This session will take a look at how to integrate with Cortana and use the speech capabilities to enable hands-free features within your own Universal Apps.

BUILDING MOBILE APPLICATIONS WITH ASP.NET AND XAMARIN JESSE LIBERTY Xamarin’s support for creating web-based mobile applications using HTML and Angular or ASP.NET has grown by leaps and bounds in the past year. In this course, you’ll see why Xamarin may be a far better alternative to Cordova and similar offerings. We will build mobile applications using a variety of web skills and see how these can instantly be run on iOS, Android, and Windows Phone.

XAMARIN.FORMS FROM ZERO TO SIXTY JESSE LIBERTY This hands-on workshop will start with the fundamentals of Xamarin.Forms and will work its way up to such advanced topics as styles, messages, and triggers. Participants need not have any experience with mobile programming but do need to have a laptop with Xamarin Studio installed (complete instructions to follow). Each demonstration program will have a completed folder and, as needed, a starter folder.

18 | SEPTEMBER 14-17, 2015 | Monterey Conference Center, Monterey, CA Network and make valuable connections after dark.

KENDO UI AND ANGULARJS – SO HAPPY TOGETHER KEITH BURNELL Angular JS is the latest rage in client-side frameworks. Its benefits include outstanding two-way data binding, inherit separation of concerns, familiar patterns, and a focus on testability. Kendo UI is a framework for building modern web applications that includes an extensive collection of UI widgets with everything from basic input controls to highly interactive data visualization components. In this session, Keith will show you how you can take advantage of all the benefits AngularJS offers while easily integrating Kendo UI using the newly introduced Angular Kendo UI.

BUILD APACHE CORDOVA APPS IN VISUAL STUDIO... LIKE A SUPERSTAR! GEORGE SAADEH Apache Cordova tooling in Visual Studio allows you to create applications using standard web technologies. But Cross-platform mobile application development can be a complicated process. In this session, we will discuss some of the tools and best practices that can help improve your code and development workflow.

APACHE CORDOVA APPS FOR WINDOWS 10 GEORGE SAADEH Using Apache Codova apps in Visual Studio, you can develop cross-platform applications that run on the latest version of Windows using a single project based on HTML and JavaScript. When targetting the Windows 10 platform, apps can take advantage of all the new features of Windows 10, such as Cortana integration and can make use of JavaScript libraries. Let’s get started!

MONTEREY CONFERENCE CENTER CONNECTED TO MONTEREY MARRIOTT AND THE PORTOLA HOTEL & SPA The conference will take place at the Monterey Convention Center connected to the Monterey Marriott and Portola hotels. To book a room at our discounted rate please visit https://falafelcon.com/hotel.html or call 203-264-8220 between 9-4 EST.

WORKSHOPS ZEN OF ARCHITECTURE JUVAL LOWY MONDAY 9AM - 4PM For the beginner architect, there are many options for doing pretty much anything. But for the Master architect, there are only a few. In this dense workshop, Juval Lowy will explain his approach to large system analysis and design, using volatility to decompose a system into its comprising services. Juval will contrast it with the most common mistake done in architecture, using functionality to identify services. These are universal design principles, and Juval will use examples from software and non-software systems alike. You will also see how to over- come the real hurdles architects face perusing volatility-based decomposing, simple and practical techniques for identifying areas of volatility, common telltale signs or “smells” when your design is still functional when using the Method, IDesign’s approach for system architecture. You will learn how to literally mechanize software system design, how to do it quickly and effectively. Juval will also discuss logical tiers, security, interoperability, scalability, transactions, and other aspects of a modern application. The workshop concludes with a discussion of how modern architecture fits into development processes such as Agile, common pitfalls of design in an Agile environment, and how to design the development process for maximum productivity.

DESIGNING AZURE SOLUTIONS MICHELE LEROUX BUSTAMANTE MONDAY 9AM - 4PM Microsoft Azure provides an incredibly vast set of features and with the speed of delivery of new features, it becomes a challenge to keep up with the capabilities, choices and how to apply them to you solution needs. This workshop aims to simplify this for you by taking you through a tour of the feature stack with applied design decisions in mind. Discussions will explain compute choices between Virtual Machines, Application Services and Cloud Services; discuss where Docker, containerization and micro services may fit in the decision making process; review batch and asynchronous scenarios and how to choose from technology implementations; discuss the data technology choices with some tips on decision making; and look at queueing technologies, media and content, caching, search and more. There will be demos, practical discussions from customer experiences and design perspectives to help you visualize topologies. Requirement: must be awake for this discussion!

IDENTITY AND ACCESS CONTROL FOR MODERN WEB AND MOBILE APPLICATIONS BROCK ALLEN MONDAY 9AM - 4PM Modern applications developed with Microsoft technologies include one or more of MVC, Web API, SignalR, JavaScript, and/or some sort of mobile platform development framework. These applications deserve modern security to suit their requirements. To satisfy these requirements, a developer must learn a new set of technologies such as OAuth2, OpenID Connect, and JSON Web Tokens. This one-day workshop is your chance to dive into all things security related to these new technologies. Learn how to securely connect native and browser- based applications to your back-ends and achieve modern authentication and authorization.

IOT FIRE STARTER DOUG SEVEN MONDAY 9AM - 4PM Are you a developer that wants to learn about the Internet of Things (IoT)? Do you want to retrieve data from Internet-connected sensors for applications in home automation, healthcare, automotive, government and more? Do you want to control sensors and devices remotely from cloud, mobile, or desktop applications? In the IoT Fire Starter workshop you will use an IoT prototyping kit (that is yours to keep) to learn how to create micro-controller devices (the ‘Things’ in IoT) that use a variety of physical sensors such as light and temperature sensors; control switches; servos; and motors. You will learn how to connect these Things to Microsoft Azure IoT services to both collect data and issue control commands to the devices. Once you have mastered prototyping the hardware and connecting it to the Cloud, you will learn how to leverage Azure IoT services to gain insight into the data coming from your connected Thing, including analytics and machine learning. Following the workshop you will be able to continue your experience with your prototyping kit by following additional hands-on labs you can subscribe to online. You will need to bring your own laptop for this workshop.

20 | SEPTEMBER 14-17, 2015 | Monterey Conference Center, Monterey, CA Top presenters with a passion to share their knowledge and expertise.

AZURE REFERENCE ARCHITECTURE: MACHINE LEARNING ZOINER TEJADA FRIDAY 9AM - 4PM Curious how Machine Learning fits into the overall architecture of an Azure Solution? Machine Learning usually does not stand by itself in the solution…whether you are using as Azure ML as the foundation for a data mining effort, using it as web service to inform automated processes or simply employing ML directly to realize new, untapped values in your data, Azure ML sits as an important and integrated component of your solution architecture. For those unfamiliar with Machine Learning concepts, we will provide a backgrounder so you that you understand the key tools in the toolbox (data transformation, supervised learning modules, unsupervised learning modules) and the value that Azure ML brings to the larger solution (such as classification, clustering and predictive analytics). After that, we will look at how Azure ML integrates with your data pipeline. After all, Azure ML operates on data that exists throughout a solution— data that needs to be prepared, consumed, processed, integrated, stored and ultimately evaluated to drive analysis. We will examine how you train your model (if you have to at all), how to iteratively improve your model and of course how to apply the results. In this technically deep (but statistics light) session we draw from our real-world experience delivering Machine Learning driven solutions for a large beverage manufacturer, an electronics manufacturer, and for a customer in the energy sector to provide you a reference architecture for Azure ML that you can adapt to your own situations and requirements.

HACKING AND HARDENING WINDOWS Hacking was romantic 20 INFRASTRUCTURE WORKSHOP years ago, now it is about PAULA JANUSZKIEWICZ money or information FRIDAY 9AM - 4PM Everyone has heard about breach, no more romance. hackers. It is commonly known that their jobs differ from system Paula Januszkiewicz administrator jobs. However, things they do in their darkened rooms are definitely interesting and worth knowing. Many of the techniques they use are very useful in everyday administration tasks. A Hackers’ knowledge is considered to be valuable, both by system creators and common users. Administrators do not have to be taught how to be a hacker; it is often enough to show them one simple, but very interesting tool or technique, to change the point of view on their own IT environment. Topics covered in this seminar help you to feel for the hacker’s role and evaluate your network from their point of view. Be careful – this workshop is designed for IT and Se- curity professionals who want to take their skills and knowledge to the next level. After this workshop, you will be familiar with hacker techniques, which can be useful to protect yourself against. Two days training with demos and reasonable and knowledgeable explanations. Audience: Network administrators, infrastructure architects, security professionals, systems engi- neers, network administrators, IT professionals, security consultants and other people responsible for implementing network and perimeter security. Certification: At the end participants will receive the online Certificate of attendance signed by the CQURE Speaker.

XAMARIN.FORMS FROM ZERO TO SIXTY JESSE LIBERTY FRIDAY 9AM - 4PM This hands-on workshop will start with the fundamentals of Xamarin.Forms and will work its way up to such advanced topics as styles, messages, and triggers. Participants need not have any experience with mobile programming but do need to have a laptop with Xamarin Studio installed (complete instructions to follow). Each demonstration program will have a completed folder and, as needed, a starter folder.

Register today at TECHintersection.com or call 203.264.8220 | 21 BROCK ALLEN ALI ALVI TONY ANDREWS ADAM BENZION BROCKALLEN.COM MICROSOFT MICROSOFT HACKSTER.IO

TOBY CONSIDINE PAMELA DINGLE BARRY DORRANS CYRIL EBERSWEILER TC9, INC. PING IDENTITY MICROSOFT HAXLR8R

TROY HUNT LAURA HUNTER ROBERT HULBUT PAULA A. JANUSZKIEWICZ TORYHUNT.COM MICROSOFT ROBERTHURLBUT.COM CQURE

MICHAEL MONTGOMERY JOSH MORALES TED NEWARD BARY NUSZ IDESIGN, INC. FALAFEL SOFTWARE, INC. TEDNEWARD.COM FALAFEL SOFTWARE, INC.

ALEXANDRA ROSENBAUM GEORGE SAADEH DOUG SEVEN STEVE SMITH 10TH MAGNITUDE FALAFEL SOFTWARE, INC. MICROSOFT FALAFEL SOFTWARE, INC. Interact with your favorite Microsoft and industry experts.

BARRY BRIGGS KEITH BURNELL MICHELE LEROUX BUSTAMANTE RICHARD CAMPBELL MICROSOFT FALAFEL SOFTWARE, INC. SOLLIANCE RUNAS RADIO

JASON FOLLAS TONY GOODHEW RACHEL HAGERMAN BILLY HOLLIS FALAFEL SOFTWARE, INC. WINDOWS IOT FALAFEL SOFTWARE, INC.

IVAN R. JUDSON, PH.D. VENKATA KOPPAKA JESSE LIBERTY JUVAL LOWY MICROSOFT FALAFEL SOFTWARE, INC. FALAFEL SOFTWARE, INC. IDESIGN, INC.

JAMES OSBORNE CAREY PAYETTE MICHAEL PLATT NOEL RICE MICROSOFT AZURE FALAFEL SOFTWARE, INC. MICROSOFT FALAFEL SOFTWARE, INC.

JIM SPRING ZACH SUPALLA LINO TADROS ZOINER TEJADA MICROSOFT PARTICLE.IO FALAFEL SOFTWARE, INC. SOLLIANCE SEPT 14-17 2015

CONFERENCES MONTEREY CONFERENCE CENTER CONNECTED TO MONTEREY MARRIOTT AND STAY ON THE CUTTING EDGE OF TECHNOLOGY! THE PORTOLA HOTEL & SPA

• 80+ in-depth sessions CO-LOCATED WITH • 40+ Microsoft and industry experts TECHintersection Conferences • Cool evening parties 163 Eagle View Road Southbury, CT 06488

203.264.8220 [email protected] TECHintersection.com